Prototyping a peer-to-peer session initiation protocol user agent

Tsietsi, Mosiuoa Jeremia

10 March 2008

The Session Initiation Protocol (SIP) has in recent years become a popular protocol for the exchange of text, voice and video over IP networks. This thesis proposes the use of a class of structured peer to peer protocols - commonly known as Distributed Hash Tables (DHTs) - to provide a SIP overlay with services such as end-point location management and message relay, in the absence of traditional, centralised resources such as SIP proxies and registrars. A peer-to-peer layer named OverCord, which allows the interaction with any specific DHT protocol via the use of appropriate plug-ins, was designed, implemented and tested. This layer was then incorporated into a SIP user agent distributed by NIST (National Institute of Standards and Technology, USA). The modified user agent is capable of reliably establishing text, audio and video communication with similarly modified agents (peers) as well as conventional, centralized SIP overlays.

Computer networks

Computer network protocols -- Standards

Data transmission systems -- Standards

Computer network architectures

The Next Generation Botnet Attacks And Defenses

Wang, Ping

01 January 2010

A "botnet" is a network of compromised computers (bots) that are controlled by an attacker (botmasters). Botnets are one of the most serious threats to today’s Internet; they are the root cause of many current Internet attacks, such as email spam, distributed denial of service (DDoS) attacks , click fraud, etc. There have been many researches on how to detect, monitor, and defend against botnets that have appeared and their attack techniques. However, it is equally important for us to investigate possible attack techniques that could be used by the next generation botnets, and develop effective defense techniques accordingly in order to be well prepared for future botnet attacks. In this dissertation, we focus on two areas of the next generation botnet attacks and defenses: the peer-to-peer (P2P) structured botnets and the possible honeypot detection techniques used by future botnets. Currently, most botnets have centralized command and control (C&C) architecture. However, P2P structured botnets have gradually emerged as a new advanced form of botnets. Without C&C servers, P2P botnets are more resilient to defense countermeasures than traditional centralized botnets. Therefore, we first systematically study P2P botnets along multiple dimensions: bot candidate selection, network construction and C&C mechanisms and communication protocols. As a further illustration of P2P botnets, we then present the design of an advanced hybrid P2P botnet, which could be developed by botmasters in the near future. Compared with current botnets, the proposed botnet is harder to be shut down, monitored, and hijacked. It provides robust network connectivity, individualized encryption and control traffic dispersion, limited botnet exposure by each bot, and easy monitoring and recovery by its botmaster. We suggest and analyze several possible defenses against this advanced botnet. Upon our understanding of P2P botnets, we turn our focus to P2P botnet countermeasures. We provide mathematical analysis of two P2P botnet mitigation approaches — index iii poisoning defense and Sybil defense, and one monitoring technique - passive monitoring. We are able to give analytical results to evaluate their performance. And simulation-based experiments show that our analysis is accurate. Besides P2P botnets, we investigate honeypot-aware botnets as well. This is because honeypot techniques have been widely used in botnet defense systems, botmasters will have to find ways to detect honeypots in order to protect and secure their botnets. We point out a general honeypot-aware principle, that is security professionals deploying honeypots have liability constraint such that they cannot allow their honeypots to participate in real attacks that could cause damage to others, while attackers do not need to follow this constraint. Based on this principle, a hardware- and software- independent honeypot detection methodology is proposed. We present possible honeypot detection techniques that can be used in both centralized botnets and P2P botnets. Our experiments show that current standard honeypot and honeynet programs are vulnerable to the proposed honeypot detection techniques. In the meantime, we discuss some guidelines for defending against general honeypot-aware botnet attacks.

Computer networks -- Security measures

Computer security

Electrical and Computer Engineering

Electrical and Electronics

Engineering

The Wisdom of Crowds as a Model for Trust and Security in Peer Groups

Whitney, Justin D

29 September 2005

"Traditional security models are out of place in peer networks, where no hierarchy ex- ists, and where no outside channel can be relied upon. In this nontraditional environment we must provide traditional security properties and assure fairness in order to enable the secure, collaborative success of the network. One solution is to form a Trusted Domain, and exclude perceived dishonest and unfair members. Previous solutions have been intolerant of masquerading, and have suffered from a lack of precise control over the allocation and exercise of privileges within the Trusted Domain. Our contribution is the introduction of a model that allows for controlled access to the group, granular control over privileges, and guards against masquerading. Contin- ued good behavior is rewarded by an escalation of privileges, while requiring an increased commitment of resources. Bad behavior results in expulsion from the Trusted Domain. In colluding with malicious nodes, well behaved nodes risk losing privileges gained over time; collusion is thereby discouraged. We implement our solution on top of the Bouncer Toolkit, produced by Narasimha et al. [7], as a prototype peer to peer network. We make use of social models for trust from [], and rely on new cryptographic primitives from the field of Threshold Cryptography. We present the results of an experimental analysis of its performance for a number of thresholds, and present observations on a number of important performance and security improvements that can be made to the underlying toolkit."

threshold cryptography

file sharing

security

peer to peer

p2p

trust

Computer networks

Security measures

Cryptography

Hybrid multicasting using Automatic Multicast Tunnels (AMT)

Alwadani, Dhaifallah

January 2017

Native Multicast plays an important role in distributing and managing delivery of some of the most popular Internet applications, such as IPTV and media delivery. However, due to patchy support and the existence of multiple approaches for Native Multicast, the support for Native Multicast is fragmented into isolated areas termed Multicast Islands. This renders Native Multicast unfit to be used as an Internet wide application. Instead, Application Layer Multicast, which does not have such network requirements but is more expensive in terms of bandwidth and overhead, can be used to connect the native multicast islands. This thesis proposes Opportunistic Native Multicast (ONM) which employs Application LayerMulticast (ALM), on top of a DHT-based P2P overlay network, and Automatic Multicast Tunnelling (AMT) to connect these islands. ALM will be used for discovery and initiating the AMT tunnels. The tunnels will encapsulate the traffic going between islands' Primary Nodes (PNs). AMT was used for its added benefits such as security and being better at traffic shaping and Quality Of Service (QoS). While different approaches for connecting multicast islands exists, the system proposed in the thesis was designed with the following characteristics in mind: scalability, availability, interoperability, self-adaptation and efficiency. Importantly, by utilising AMT tunnels, this approach has unique properties that improve network security and management.

004.6

Distributed OpenCL : a platform for distributed, heterogeneous computing for domain scientists

Dillon, William H. (William Hall)

29 May 2012

It is possible to purchase, for as little as $10,000, a cluster of computers with the capability to rival the supercomputers of only a few years ago. Now, users that have little to no experience developing distributed applications or managing a cluster are in a position to do so. To allow domain scientists to effectively utilize these resources, Distributed OpenCL (DOCL) was developed. DOCL is an easy-to-use foundation for peer-to-peer distributed computation on small to medium clusters. It is assumed that the end-user is a domain scientist, familiar with model development in environments such as Matlab, though inexperienced with distributed computation or parallel programming. The scope of this work includes the definition of a peer-to-peer protocol for discovering and establishing relationships with every node within a multicast domain, using the concepts of Zero-Configuration Networking, multicast DNS, and DNS Service Discovery. A problematic edge case of multicast DNS is detailed along with a mitigation technique. An XML schema is also described for basic peer communication and cluster management and inventory. A system for scheduling algorithm tasks on the cluster of heterogeneous compute devices was developed, including an automatic computation and communication cost measurement system. Finally, a graphical programming language was designed and implemented that allows non-expert programmers and modelers to develop new applications in a straightforward, accessible way. / Graduation date: 2012

Distributed Computing

Zeroconf

Peer-to-peer

GPGPU

OpenCL

Task Graph

Interest management scheme and prediction model in intelligent transportation systems

Li, Ying

12 October 2012

This thesis focuses on two important problems related to DDDAS: interest management (data distribution) and prediction models. In order to reduce communication overhead, we propose a new interest management mechanism for mobile peer-to-peer systems. This approach involves dividing the entire space into cells and using an efficient sorting algorithm to sort the regions in each cell. A mobile landmarking scheme is introduced to implement this sort-based scheme in mobile peer-to-peer systems. The design does not require a centralized server, but rather, every peer can become a mobile landmark node to take a server-like role to sort and match the regions. Experimental results show that the scheme has better computational efficiency for both static and dynamic matching. In order to improve communication efficiency, we present a travel time prediction model based on boosting, an important machine learning technique, and combine boosting and neural network models to increase prediction accuracy. We also explore the relationship between the accuracy of travel time prediction and the frequency of traffic data collection with the long term goal of minimizing bandwidth consumption. Several different sets of experiments are used to evaluate the effectiveness of this model. The results show that the boosting neural network model outperforms other predictors.

ITS

DDDAS

Interest management

Travel time prediction

Mobile P2P

Intelligent transportation systems

Travel time (Traffic engineering)

Machine learning

Artificial intelligence

Efficient Information Dissemination in Wide Area Heterogeneous Overlay Networks

Zhang, Jianjun

11 July 2006

In this dissertation research we study and address the unique challenges involved in information sharing and dissemination of large-scale group communication applications. We focus on system architectures and various techniques for efficient and scalable information dissemination in distributed P2P environments. Our solutions are developed by targeting at utilizing three representative P2P overlay networks: structured P2P network based on consistent hashing techniques, unstructured Gnutella-like P2P network, and P2P GeoGrid based on geographical location and proximity of end nodes. We have made three unique contributions to the general field of large-scale information sharing and dissemination. First, we propose a landmark-based peer clustering techniques to grouping end-system nodes by their network proximity, and a communication management technique addresses load balancing and reliability of group communication applications in structured P2P network. Second, we develop a utility-based P2P group communication service middleware, consisting of a utility-based topology management and a utility-aware P2P routing, for providing scalable and efficient group communication services in an unstructured P2P overlay network of heterogeneous peers. Third, we propose an overlay network management protocol that is aware of the geographical location of end-system nodes and a set of routing and adaptation techniques, aiming at building decentralized information dissemination service networks to support location-based applications and services. Although different overlay networks require different system designs for building scalable and efficient information dissemination services, we have employed two common design philosophies: (1) exploiting end-system heterogeneity and (2) utilizing proximity information of end-system nodes to localize most of the communication traffic, and (3) using randomized shortcuts to accelerate long-distant communications. We have demonstrated our design philosophies and the performance improvements in the above three types of P2P overlay networks. Concretely, by assigning more workloads to more powerful peers, we can greatly increase the system scalability and reduce the variation of workload distribution. By clustering end-system nodes based on their IP-network proximity or their geographical proximity, and utilizing randomized shortcuts, we can reduce the end-to-end communication latency, balance peer workloads against service request hotspots across the overlay network, and significantly enhance the scalability and efficiency of large-scale decentralized information dissemination and group communication.

Information dissemination

Multicast

Overlay networks

Peer-to-peer

Distributed systems

Heterogeniety

Information networks

Routing (Computer network management)

Computer network architectures

The technology of casually connected collaboration

Danzfuss, Theodor Werner.

January 2009

Thesis (M.Sc.(Computer Science))--University of Pretoria, 2009. / Includes bibliographical references.

Economic issues in distributed computing

Huang, Yun, 1973-

28 August 2008

On the Internet, one of the essential characteristics of electronic commerce is the integration of large-scale computer networks and business practices. Commercial servers are connected through open and complex communication technologies, and online consumers access the services with virtually unpredictable behavior. Both of them as well as the e-Commerce infrastructure are vulnerable to cyber attacks. Among the various network security problems, the Distributed Denial-of-Service (DDoS) attack is a unique example to illustrate the risk of commercial network applications. Using a massive junk traffic, literally anyone on the Internet can launch a DDoS attack to flood and shutdown an eCommerce website. Cooperative technological solutions for Distributed Denial-of-Service (DDoS) attacks are already available, yet organizations in the best position to implement them lack incentive to do so, and the victims of DDoS attacks cannot find effective methods to motivate the organizations. Chapter 1 discusses two components of the technological solutions to DDoS attacks: cooperative filtering and cooperative traffic smoothing by caching, and then analyzes the broken incentive chain in each of these technological solutions. As a remedy, I propose usage-based pricing and Capacity Provision Networks, which enable victims to disseminate enough incentive along attack paths to stimulate cooperation against DDoS attacks. Chapter 2 addresses possible Distributed Denial-of-Service (DDoS) attacks toward the wireless Internet including the Wireless Extended Internet, the Wireless Portal Network, and the Wireless Ad Hoc network. I propose a conceptual model for defending against DDoS attacks on the wireless Internet, which incorporates both cooperative technological solutions and economic incentive mechanisms built on usage-based fees. Cost-effectiveness is also addressed through an illustrative implementation scheme using Policy Based Networking (PBN). By investigating both technological and economic difficulties in defense of DDoS attacks which have plagued the wired Internet, our aim here is to foster further development of wireless Internet infrastructure as a more secure and efficient platform for mobile commerce. To avoid centralized resources and performance bottlenecks, online peer-to-peer communities and online social network have become increasingly popular. In particular, the recent boost of online peer-to-peer communities has led to exponential growth in sharing of user-contributed content which has brought profound changes to business and economic practices. Understanding the dynamics and sustainability of such peer-to-peer communities has important implications for business managers. In Chapter 3, I explore the structure of online sharing communities from a dynamic process perspective. I build an evolutionary game model to capture the dynamics of online peer-to-peer communities. Using online music sharing data collected from one of the IRC Channels for over five years, I empirically investigate the model which underlies the dynamics of the music sharing community. Our empirical results show strong support for the evolutionary process of the community. I find that the two major parties in the community, namely sharers and downloaders, are influencing each other in their dynamics of evolvement in the community. These dynamics reveal the mechanism through which peer-to-peer communities sustain and thrive in a constant changing environment. / text

Electronic commerce--Security measures

Computer networks--Security measures

Online social networks

Query processing for peer mediator databases /

Katchaounov, Timour,

January 2003

Diss. (sammanfattning) Uppsala : Univ., 2003. / Härtill 6 uppsatser.